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DETAILED ACTION 

Remarks 

1 . Claims 1-32 are pending. 

2. The information disclosure statement (IDS) submitted on 2/1 1/2008 has been 
considered by the examiner. 

Continued Examination Under 37 CFR 1.114 

3. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .1 7(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
2/11/2008 has been entered. 

Claim Rejections - 35 USC § 101 

4. 35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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5. Claims 23-32 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. The claimed subject matter, "an isolation 
environment", does not fit into any of the statutory categories (process, machine, 
manufacture, or composition of matter). In order for the claimed subject matter to fit into 
a statutory category under 35 USC 101 , the Applicant is requested to further distinguish 
the claimed subject matter to adhere to one of these categories. 



Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



7. Claims 1 -32 are rejected under 35 U.S.C. 1 02(e) as being anticipated by Kaqi et 
a! (' Kaqi' hereinafter) (Publication Number 2006/0064697). 



As per claim 1 , Kaqi teaches 
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A method for isolating access by application programs to native resources 
provided by an operating system, the method comprising the steps of: (see abstract and 
background) 

(a) redirecting to an isolation environment comprising a user isolation scope and 
an application isolation scope a request for a native resource made by a process 
executing on behalf of a first user; (virtual machine which performs isolation by 
virtualizing resources, paragraph [0019], lines 5-15) 

(b) locating an instance of the requested native resource in the user isolation 
scope on behalf of a first user; (virtual device inside of VMM, paragraph [0022], lines 18- 
21) 

and (c) responding to the request for the native resource using the instance of 
the required native resource located in the user isolation scope, (virtual devices 
virtualize functionalities of physical devices, paragraph [0026], lines 1-3) 

As per claim 2, Kaqi teaches 

step (b) comprises failing to locate an instance of the requested native resource 
in the user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 3, Kaqi teaches 

step (c) comprises redirecting the request to the application isolation scope, 
(paragraph [0028], lines 1-5) 
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As per claim 4, Kagi teaches 

(d) locating an instance of the requested native resource in the application 
isolation scope; (paragraph [0025], lines 4-6) 

and responding to the request for the native resource using the instance of the 
requested native resource located in the application isolation scope, (paragraph [0025], 
lines 5-8) 

As per claim 5, Kagi teaches 

step (e) comprises creating an instance of the requested native resource in the 
user isolation scope that corresponds to the instance of the requested native resource 
located in the application isolation scope and responding to the request for the native 
resource using the instance of the requested native resource created in the user 
isolation scope, (paragraph [0026], lines 8-12) 

As per claim 6, Kagi teaches 

step (d) comprises failing to locate an instance of the requested native resource 
in the application isolation scope, (paragraph [0063], lines 3-5) 

As per claim 7, Kagi teaches 

step (e) comprises responding to the request for the native resource using the 
system-scoped native resource, (paragraph [0023], lines 1-4) 
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As per claim 8, Kagi teaches 

step (e) comprises: creating an instance of the requested native resource in the 
user isolation scope that corresponds to the instance of the requested resource located 
in the system scope and responding to the request for the native resource using the 
instance of the resource created in the user isolation scope, (paragraph [0019], lines 6- 
10) 

As per claim 9, Kagi teaches 

the step of hooking a request for a native resource made by a process executing 
on behalf of a first user, (paragraph [0024], lines 2-5) 

As per claim 1 0, Kagi teaches 

the step of intercepting a request for a native resource executing on behalf of a 
first user, (paragraph [0025], lines 4-7) 

As per claim 1 1 , Kagi teaches 

the step of intercepting by a file system filter driver a request for a file system 
native resource executing on behalf of a first user, (paragraph [0026], lines 10-14) 



As per claim 1 2, Kagi teaches 
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step (a) comprises redirecting to an isolation environment comprising a user 
isolation scope and an application isolation scope a request for a file made by a process 
executing on behalf of a first user, (paragraph [0027], lines 3-7) 

As per claim 1 3, Kaqi teaches 

step (a) comprises redirecting to an isolation environment comprising a user 
isolation scope and an application isolation scope a request for a registry database 
entry made by a process executing on behalf of a first user, (paragraph [0026], lines 10- 
15) 

As per claim 14, Kaqi teaches 

(d) redirecting to the isolation environment a request for the native resource 
made by a second process executing on behalf of a second user; (paragraph [0025], 
lines 8-12) 

(e) locating an instance of the requested native resource in a second user 
isolation scope; (paragraph [0025], lines 10-14) 

(f) and responding to the request for the native resource using the instance of the 
native resource located in the second user isolation scope, (paragraph [0025], lines 10- 
16) 



As per claim 1 5, Kaqi teaches 
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the process executes concurrently on behalf of a first user and a second user, 
(paragraph [0022], lines 4-10) 

As per claim 1 6, Kaqi teaches 

step (e) comprises failing to locate an instance of the requested native resource 
in the second user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 1 7, Kaqi teaches 

step (f) comprises redirecting the request to the application isolation scope, 
(paragraph [0028], lines 2-5) 

As per claim 18, Kaqi teaches 

(d) locating an instance of the requested resource in the application isolation 
scope; (paragraph [0025], lines 2-5) 

and (e) responding to the request for the native resource using the version of the 
native resource located in the application isolation scope, (paragraph [0025], lines 3-6) 

As per claim 1 9, Kaqi teaches 

(d) redirecting to the isolation environment a request for a native resource made 
by a second process executing on behalf of a first user; (paragraph [0025], lines 8-12) 

(e) locating an instance of the requested native resource in the user isolation 
scope; (paragraph [0025], lines 10-14) 
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and (f) responding to the request for the native resource using the instance of the 
resource located in the user isolation scope, (paragraph [0025], lines 10-16) 

As per claim 20, Kaqi teaches 

step (e) comprises failing to locate an instance of the requested native resource 
in the user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 21 , Kaqi teaches 

step (f) comprises redirecting the request to a second application isolation scope, 
(paragraph [0025], lines 8-12) 

As per claim 22, Kaqi teaches 

(d) locating an instance of the requested resource in the second application 
isolation scope; (paragraph [0025], lines 8-12) 

and (e) responding to the request for the native resource using the instance of 
the native resource located in the second application isolation scope, (paragraph [0025], 
lines 10-14) 

As per claim 23, Kaqi teaches 

An isolation environment for isolating access by application programs to native 
resources provided by an operating system, the isolation environment comprising: (see 
abstract and background) 
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a user isolation scope storing an instance of a native resource, the user isolation 
scope corresponding to a user; (virtual machine which performs isolation by virtualizing 
resources, paragraph [0019], lines 5-15) 

and a redirector intercepting a request for the native resource made by a process 
executing on behalf of the user and redirecting the request to the user isolation scope, 
(virtual devices virtualize functionalities of physical devices, paragraph [0026], lines 1-3) 

As per claim 24, Kaqi teaches 

the isolation environment further comprises an application isolation scope storing 
an instance of the native resource, (paragraph [0026], lines 2-6) 

As per claim 25, Kaqi teaches 

the isolation environment further comprises a second application isolation scope 
storing an instance of the native resource, (paragraph [0025], lines 6-12) 

As per claim 26, Kaqi teaches 

the redirector returns a handle to the requesting process that identifies the native 
resource, (paragraph [0028], lines 10-14) 

As per claim 27, Kaqi teaches 

a rules engine specifying behavior for the redirector when redirecting the request, 
(paragraph [0032], lines 4-10) 



Application/Control Number: 10/711,737 
Art Unit: 2168 



Page 1 1 



As per claim 28, Kaqi teaches 

the redirector comprises a file system filter driver, (paragraph [0032], lines 2-5) 
As per claim 29, Kaqi teaches 

the redirector comprises a function hooking mechanism, (paragraph [0038], lines 

4-8) 

As per claim 30, Kaqi teaches 

the function hooking apparatus intercepts an operation selected from the group 
of file system operations, registry operations, operating system services, packing and 
installation services, named object operations, window operations, file-type association 
operations and Component Object Model (COM) server operations, (paragraph [0026], 
lines 8-15) 

As per claim 31 , Kaqi teaches 

the application isolation environment further comprises a second user isolation 
scope storing a second instance of the native resource, (paragraph [0025], lines 8-12) 

As per claim 32, Kaqi teaches 
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the application isolation environment further comprises a second user isolation 
scope storing an instance of the native resource, the second user isolation scope 
corresponding to a second user, (paragraph [0025], lines 10-14) 

Response to Arguments 

8. Applicant's arguments with respect to claims 1-32 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

9. The prior art made of record, listed on form PTO-892, and not relied upon is 
considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jay A. Morrison whose telephone number is (571) 272- 
71 12. The examiner can normally be reached on M-F 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tim Vo can be reached on (571 ) 272-3642. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Jay Morrison Tim Vo 

TC2100 TC2100 



/Tim T. Vo/ 

Supervisory Patent Examiner, Art Unit 2168 



